|
|
|
package LDV::User;
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
|
|
|
use utf8;
|
|
|
|
|
|
|
|
use Mojo::Base 'Mojolicious::Controller';
|
|
|
|
|
|
|
|
# pages
|
|
|
|
sub login { my ($self) = @_; $self->render(); }
|
|
|
|
sub register { my ($self) = @_; $self->render(); }
|
|
|
|
|
|
|
|
sub profile {
|
|
|
|
my ($self) = @_;
|
|
|
|
|
|
|
|
if (my $uid = $self->session('useruid')) {
|
|
|
|
my $data = $self->app->ldap->get($uid);
|
|
|
|
$self->stash(user_data => $data);
|
|
|
|
$self->render();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$self->redirect_to('/user/login');
|
|
|
|
$self->rendered();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub logout {
|
|
|
|
my ($self) = @_;
|
|
|
|
|
|
|
|
$self->session({useruid => undef});
|
|
|
|
$self->redirect_to('/user/login');
|
|
|
|
$self->rendered();
|
|
|
|
}
|
|
|
|
|
|
|
|
sub auth {
|
|
|
|
my ($self) = @_;
|
|
|
|
my $user = $self->req->param('username');
|
|
|
|
my $pass = $self->req->param('password');
|
|
|
|
|
|
|
|
eval {
|
|
|
|
my $delay = $self->app->config->{ldap}->{auth_delay};
|
|
|
|
sleep $delay if $delay;
|
|
|
|
($user and $pass)
|
|
|
|
or die("empty username or password\n");
|
|
|
|
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
|
|
|
|
or die("wrong username\n");
|
|
|
|
$self->app->ldap->auth($user, $pass)
|
|
|
|
or die("wrong user or password\n");
|
|
|
|
$self->session({useruid => $user});
|
|
|
|
$self->redirect_to('/user/profile');
|
|
|
|
} or do {
|
|
|
|
$self->flash({result => "Auth failed: $@"});
|
|
|
|
$self->redirect_to('/user/login');
|
|
|
|
};
|
|
|
|
|
|
|
|
$self->rendered;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub create {
|
|
|
|
my ($self) = @_;
|
|
|
|
|
|
|
|
eval {
|
|
|
|
my $error;
|
|
|
|
my $user = $self->req->param('username');
|
|
|
|
my $pass = $self->req->param('password');
|
|
|
|
my $mail = $self->req->param('mail');
|
|
|
|
($user and $pass and $mail)
|
|
|
|
or die("please fill all fields\n");
|
|
|
|
($user =~ m|^([a-z0-9_-]){3,64}$|oia)
|
|
|
|
or die("wrong username\n");
|
|
|
|
|
|
|
|
$error = $self->app->ldap->create($user);
|
|
|
|
die("$error") if $error;
|
|
|
|
$error = $self->app->ldap->update($user, {mail => $mail});
|
|
|
|
die("$error") if $error;
|
|
|
|
$error = $self->app->ldap->chpass($user, $pass);
|
|
|
|
die("$error") if $error;
|
|
|
|
|
|
|
|
# TODO: confirmation email
|
|
|
|
|
|
|
|
$self->redirect_to('/user/profile'); 1;
|
|
|
|
} or do {
|
|
|
|
$self->app->log->error($@);
|
|
|
|
$self->flash({result => "Can't create user: $@"});
|
|
|
|
$self->redirect_to('/user/create');
|
|
|
|
};
|
|
|
|
|
|
|
|
$self->rendered();
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
sub update {
|
|
|
|
my ($self) = @_;
|
|
|
|
|
|
|
|
eval {
|
|
|
|
my $user = $self->session('useruid')
|
|
|
|
or die("not logged in\n");
|
|
|
|
my $pass = $self->req->param('password')
|
|
|
|
or die("need current password\n");
|
|
|
|
$self->app->ldap->auth($user, $pass)
|
|
|
|
or die("wrong password\n");
|
|
|
|
|
|
|
|
my %attrs = ();
|
|
|
|
foreach my $key (qw(displayName mail o mobile)) {
|
|
|
|
my $value = $self->req->param(lc($key));
|
|
|
|
$attrs{$key} = $value;
|
|
|
|
}
|
|
|
|
my $error = $self->app->ldap->update($user, \%attrs);
|
|
|
|
die("$error\n") if $error;
|
|
|
|
$self->redirect_to('/user/profile'); 1;
|
|
|
|
} or do {
|
|
|
|
$self->flash({result => "Can't save profile: $@"});
|
|
|
|
$self->redirect_to('/user/login');
|
|
|
|
};
|
|
|
|
|
|
|
|
$self->rendered();
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
1;
|